Company

Technical Security Consulting

Managing Risk

Research & Development

Forensics

Security Management

Media Centre

PCI DSS

• Home
• Overview
• IRM PCI DSS Services
• PCI Documents

Overview

IRM is a Qualified Security Assessor Company (QSAC), a Payment Application Best Practice (PABP soon to be PA-DSS) and a Qualified Forensics Invevstigator (QFI) for all payment cards and has specialist consultants with full QSA status available to advise clients on all aspects of their route to PCI DSS compliance as well as conducting formal PCI DSS assessments.

The Payment Card Industry (PCI) Data Security Standard (DSS) is a mandatory requirement on all organisations that process credit card or debit card payments, develop products for payment card transactions and/or store cardholder details. PCI DSS defines the requirements for payment card security, sets out the levels of compliance that organisations will need to meet and the way in which that compliance will be assured.

These requirements are backed up by a series of punitive sanctions for non-compliance.
The PCI DSS requires that organisations handling payment card data:

• build and maintain a secure network
• protect cardholder data
• maintain a vulnerability management program
• implement strong access control measures
• regularly monitor and test networks
• develop and maintain an information security policy

Please click here to view IRM's PCI DSS Compliance Roadmap, which details the steps necessary to ensure compliance with the PCI DSS requirement.